This module exports the core of the Hails HTTP server. Specifically it
defines basic types, such as HTTP Request and Response, used by
the Hails web server and untrusted Hails Applications.

At a high level, a Hails Application, is a function from Request
to Response in the DC monad. Every application response is
sanitized and sanity checked with the secureApplicationMiddleware. Moreover, every Request is sanitized with sanitizeReq
before handed over to authenticators.

Middleware used by Hails

Hails Middleware that ensures the Response from the
application is readable by the client's browser (as determined by the
result label of the app computation and the label of the browser). If
the response is not readable by the browser, the middleware sends a
403 (unauthorized) response instead.

Adds the header Content-Security-Policy to the response, if the
label of the computation does not flow to the public label,
dcPublic. The default-src directive is set to the secrecy
component of the response label (if it is a disjunction
of principals). Currently, self is always added to the
whitelist. An example may be: